Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/dXS4uqQbV9KiWOatevstRwXV3FQ.roa
File: dXS4uqQbV9KiWOatevstRwXV3FQ.roa (raw, json)
Hash identifier: wUOTr6GpZQ+TUav25L9HAgsbPY3sydwqPw0bqf9VkJE=
Subject key identifier: 75:74:B8:BA:A4:1B:57:D2:A2:58:E6:AD:7A:FB:2D:47:05:D5:DC:54
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CDB037E17401A8981A8410D77F546161C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/dXS4uqQbV9KiWOatevstRwXV3FQ.roa
Signing time: Fri 05 Jan 2024 19:04:48 +0000
ROA not before: Fri 05 Jan 2024 19:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.220.251.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 10:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:db:03:7e:17:40:1a:89:81:a8:41:0d:77:f5:46:16:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 5 19:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7574b8baa41b57d2a258e6ad7afb2d4705d5dc54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:eb:36:c3:3d:a9:d8:b0:0f:ef:7e:e6:f7:1c:
df:b6:5b:64:51:46:01:a9:71:f3:41:53:97:9f:05:
ad:2e:88:0e:44:6c:98:54:60:69:8b:04:8d:75:2f:
cd:f4:5b:89:8f:8e:c3:44:ec:d2:a2:41:c9:88:90:
04:36:d3:c8:0d:2b:f2:4e:9d:bf:bf:af:ec:dc:f8:
14:e8:96:12:f4:ed:89:b7:be:03:f1:c8:db:ed:9c:
f8:49:27:64:8c:d2:9d:a3:34:37:d0:64:46:f9:6e:
68:b4:0c:44:6e:54:d4:8d:79:f4:2f:12:d8:ba:0e:
69:f4:7b:71:f8:c3:5c:80:18:06:64:85:9c:a2:13:
64:98:4f:74:85:3f:01:dd:14:39:20:61:48:10:15:
c1:b6:a9:a5:7e:3b:42:d1:67:e6:4a:8d:af:9a:96:
26:05:7c:f2:b3:86:da:7a:68:45:6f:1f:0f:cf:dd:
e0:27:08:fe:f4:6a:de:fb:1d:64:f3:59:fa:b9:aa:
b3:fd:50:49:73:6a:ca:ad:00:cb:8e:b0:68:13:5e:
45:45:0c:d9:aa:63:59:df:17:96:49:f1:9c:1c:25:
b6:8b:77:d7:08:92:7a:6d:be:83:eb:5e:dd:c0:2f:
3d:8e:9d:21:07:21:cc:19:6f:2a:b4:91:38:e8:21:
19:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:74:B8:BA:A4:1B:57:D2:A2:58:E6:AD:7A:FB:2D:47:05:D5:DC:54
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/dXS4uqQbV9KiWOatevstRwXV3FQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.249.0-185.220.251.255
185.223.82.0/23
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
58:03:a6:0c:cd:ec:cf:4e:8c:35:9f:d3:1a:43:60:f7:7b:1a:
f3:54:00:dd:cd:94:55:f9:eb:48:7a:28:35:17:71:e7:eb:e4:
e1:81:26:c9:f9:2b:c1:46:71:f8:dc:ae:21:4c:9e:1b:de:c3:
af:91:41:ef:f8:0a:a9:4c:ce:ef:00:c5:87:b0:26:7c:18:ea:
b9:6c:93:50:94:0d:aa:cd:3a:44:85:7a:f4:32:9c:7a:0c:ed:
4f:51:cd:6d:81:d9:ab:79:8a:37:6b:88:e3:42:f6:e2:4f:e9:
80:bb:81:47:02:56:4e:0e:89:b8:47:62:df:26:a2:40:0c:01:
09:d9:90:bb:28:f7:bd:42:77:ce:97:9f:0d:4f:e2:18:b8:b6:
7e:0b:54:de:1c:71:32:bd:e7:bc:3f:66:2f:be:47:9f:c3:8c:
73:d8:08:0d:e7:42:66:e1:01:82:eb:13:9c:98:2f:eb:f4:61:
e6:dc:10:58:9c:4b:36:f5:24:ce:74:a8:93:b8:eb:4f:08:ad:
ec:a9:73:9e:f8:e9:10:2f:a2:bd:9e:d7:0f:7f:48:4e:a9:b4:
53:80:42:9a:91:03:b3:0c:34:17:5e:05:f3:3a:ba:f9:44:4f:
24:23:e8:33:55:8f:91:75:a4:f1:b5:e8:9d:3a:21:93:36:e9:
6c:34:a8:78
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzbA34XQBqJgahBDXf1RhYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTA1MTkwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTc0YjhiYWE0MWI1N2QyYTI1OGU2YWQ3YWZiMmQ0NzA1ZDVkYzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkes2wz2p2LAP737m9xzftltkUUYB
qXHzQVOXnwWtLogORGyYVGBpiwSNdS/N9FuJj47DROzSokHJiJAENtPIDSvyTp2/
v6/s3PgU6JYS9O2Jt74D8cjb7Zz4SSdkjNKdozQ30GRG+W5otAxEblTUjXn0LxLY
ug5p9Htx+MNcgBgGZIWcohNkmE90hT8B3RQ5IGFIEBXBtqmlfjtC0WfmSo2vmpYm
BXzys4baemhFbx8Pz93gJwj+9Gre+x1k81n6uaqz/VBJc2rKrQDLjrBoE15FRQzZ
qmNZ3xeWSfGcHCW2i3fXCJJ6bb6D617dwC89jp0hByHMGW8qtJE46CEZBwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHV0uLqkG1fSoljmrXr7LUcF1dxUMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZFhTNHVxUWJWOUtpV09hdGV2c3RSd1hWM0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALQgVMAwD
BAC53PkDBAK53PgDBAG531IDBAG54QADBAG545IDBAC5++UDBAHBOpIwDQYJKoZI
hvcNAQELBQADggEBAFgDpgzN7M9OjDWf0xpDYPd7GvNUAN3NlFX560h6KDUXcefr
5OGBJsn5K8FGcfjcriFMnhvew6+RQe/4CqlMzu8AxYewJnwY6rlsk1CUDarNOkSF
evQynHoM7U9RzW2B2at5ijdriONC9uJP6YC7gUcCVk4OibhHYt8mokAMAQnZkLso
971Cd86Xnw1P4hi4tn4LVN4ccTK957w/Zi++R5/DjHPYCA3nQmbhAYLrE5yYL+v0
YebcEFicSzb1JM50qJO4608Ireypc5746RAvor2e1w9/SE6ptFOAQpqRA7MMNBde
BfM6uvlETyQj6DNVj5F1pPG16J06IZM26Ww0qHg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org